Process Monitor Report

G-Lock Software \ Products \ AATools \ Report examples\ Process Monitor Report

Process Monitor Report [Computer: VICONT; Date: 1/29/2002 7:52:52 PM]

Process: System Idle Process
Process Info	PID: 0 Priority: N/A Modules: 69 Path: System Idle Process
Modules List	AAtools.exe, ntdll.dll, kernel32.dll, user32.dll, GDI32.DLL, advapi32.dll, RPCRT4.DLL, oleaut32.dll, ole32.dll, mpr.dll, version.dll, LZ32.DLL, comctl32.dll, imm32.dll, winspool.drv, shell32.dll, SHLWAPI.DLL, wininet.dll, TAPI32.dll, MSVCRT.DLL, comdlg32.dll, wsock32.dll, WS2_32.DLL, WS2HELP.DLL, winmm.dll, hhctrl.ocx, urlmon.dll, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, SAMLIB.DLL, NETAPI32.DLL, SECUR32.DLL, NETRAP.DLL, WLDAP32.DLL, DNSAPI.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, USERENV.DLL, RASAPI32.DLL, RASMAN.DLL, DHCPCSVC.DLL, INDICDLL.dll, CLBCATQ.DLL, cscui.dll, CSCDLL.DLL, psapi.dll, IMAGEHLP.dll, rnr20.dll, winrnr.dll, rasadhlp.dll, wdmaud.drv, dao360.dll, msado15.dll, MSDART32.DLL, ntshrui.dll, ATL.DLL, browseui.dll, SHDOCVW.dll, mydocs.dll, ntlanman.dll, NETUI0.DLL, NETUI1.DLL, aports.dll, msafd.dll, wshtcpip.dll, MSI.DLL

Process: System Process
Process Info	PID: 8 Priority: Normal Modules: 0 Path: System Process
Modules List

Process: smss.exe
Process Info	PID: 140 Priority: Normal Modules: 3 Path: \SystemRoot\System32\smss.exe
Modules List	smss.exe, ntdll.dll, sfcfiles.dll

Process: csrss.exe
Process Info	PID: 164 Priority: Normal Modules: 8 Path: \??\C:\WINNT\system32\csrss.exe
Modules List	csrss.exe, ntdll.dll, CSRSRV.dll, basesrv.dll, winsrv.dll, USER32.DLL, KERNEL32.DLL, GDI32.DLL

Process: winlogon.exe
Process Info	PID: 184 Priority: High Modules: 48 Path: \??\C:\WINNT\system32\winlogon.exe
Modules List	winlogon.exe, ntdll.dll, MSVCRT.DLL, KERNEL32.dll, ADVAPI32.DLL, RPCRT4.DLL, GDI32.DLL, USER32.DLL, USERENV.DLL, NDDEAPI.DLL, SFC.DLL, sfcfiles.dll, SECUR32.DLL, PROFMAP.DLL, NETAPI32.dll, NETRAP.DLL, SAMLIB.DLL, WS2_32.DLL, WS2HELP.DLL, WLDAP32.DLL, DNSAPI.DLL, WSOCK32.DLL, msgina.dll, SHELL32.DLL, SHLWAPI.DLL, COMCTL32.DLL, WINMM.dll, setupapi.dll, wintrust.dll, CRYPT32.dll, MSASN1.DLL, IMAGEHLP.dll, ole32.dll, mscat32.dll, rsaenh.dll, VERSION.dll, LZ32.DLL, wdmaud.drv, cscdll.dll, WlNotify.dll, WINSCARD.DLL, WINSPOOL.DRV, cscui.dll, OLEAUT32.DLL, CLBCATQ.DLL, msacm32.drv, MSACM32.dll, msv1_0.dll

Process: services.exe
Process Info	PID: 212 Priority: Normal Modules: 63 File Version: 5.00.2195.2780 Path: C:\WINNT\system32\services.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Services and Controller app
Modules List	services.exe, ntdll.dll, RPCRT4.DLL, KERNEL32.DLL, ADVAPI32.DLL, NETAPI32.DLL, MSVCRT.DLL, SECUR32.DLL, NETRAP.DLL, SAMLIB.DLL, WS2_32.DLL, WS2HELP.DLL, WLDAP32.DLL, DNSAPI.DLL, WSOCK32.DLL, USER32.DLL, GDI32.DLL, UMPNPMGR.DLL, USERENV.DLL, SCESRV.DLL, NTDSAPI.DLL, eventlog.dll, dhcpcsvc.dll, ICMP.DLL, IPHLPAPI.DLL, MPRAPI.DLL, OLE32.DLL, OLEAUT32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, RASAPI32.DLL, RASMAN.DLL, TAPI32.DLL, COMCTL32.DLL, SHLWAPI.DLL, CLBCATQ.DLL, dnsrslvr.dll, lmhsvc.dll, msafd.dll, wshtcpip.dll, WINSTA.DLL, dmserver.dll, CFGMGR32.DLL, Srvsvc.dll, WINSPOOL.DRV, wkssvc.dll, CRYPTDLL.DLL, cryptsvc.dll, psbase.dll, rsaenh.dll, CRYPT32.dll, MSASN1.DLL, seclogon.dll, trkwks.dll, browser.dll, msgsvc.dll, mswsock.dll, rnr20.dll, winrnr.dll, rasadhlp.dll, wmicore.dll

Process: lsass.exe
Process Info	PID: 224 Priority: Normal Modules: 55 File Version: 5.00.2195.2964 Path: C:\WINNT\system32\lsass.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: LSA Executable and Server DLL (Export Version)
Modules List	lsass.exe, ntdll.dll, KERNEL32.dll, LSASRV.dll, MSVCRT.DLL, CRYPTDLL.DLL, ADVAPI32.DLL, RPCRT4.DLL, SECUR32.DLL, USER32.DLL, GDI32.DLL, SAMSRV.DLL, DNSAPI.DLL, WSOCK32.DLL, WS2_32.DLL, WS2HELP.DLL, MSASN1.DLL, NETAPI32.DLL, NETRAP.DLL, SAMLIB.DLL, WLDAP32.DLL, msprivs.dll, kerberos.dll, msv1_0.dll, netlogon.dll, NTDSAPI.DLL, schannel.dll, CRYPT32.DLL, USERENV.DLL, rsabase.dll, ole32.dll, mpr.dll, setupapi.dll, COMCTL32.dll, scecli.dll, polagent.dll, MFC42U.DLL, OAKLEY.DLL, IPHLPAPI.DLL, ICMP.DLL, MPRAPI.DLL, OLEAUT32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, RASAPI32.DLL, RASMAN.DLL, TAPI32.DLL, SHLWAPI.DLL, DHCPCSVC.DLL, CLBCATQ.DLL, msafd.dll, wshtcpip.dll, rsaenh.dll, dssenh.dll

Process: svchost.exe
Process Info	PID: 388 Priority: Normal Modules: 43 File Version: 5.00.2134.1 Path: C:\WINNT\system32\svchost.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Generic Host Process for Win32 Services
Modules List	svchost.exe, ntdll.dll, ADVAPI32.DLL, KERNEL32.DLL, RPCRT4.DLL, OLE32.DLL, GDI32.DLL, USER32.DLL, rpcss.dll, MSVCRT.DLL, USERENV.DLL, WS2_32.DLL, WS2HELP.DLL, SECUR32.DLL, mswsock.dll, DNSAPI.DLL, WSOCK32.DLL, msafd.dll, wshtcpip.dll, rnr20.dll, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, SAMLIB.DLL, NETAPI32.DLL, NETRAP.DLL, WLDAP32.DLL, OLEAUT32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, RASAPI32.DLL, RASMAN.DLL, TAPI32.DLL, COMCTL32.DLL, SHLWAPI.DLL, DHCPCSVC.DLL, CLBCATQ.DLL, winrnr.dll, rasadhlp.dll, wshnetbs.dll, msv1_0.dll

Process: spoolsv.exe
Process Info	PID: 420 Priority: Normal Modules: 50 File Version: 5.00.2161.1 Path: C:\WINNT\system32\spoolsv.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Spooler SubSystem App
Modules List	spoolsv.exe, ntdll.dll, MSVCRT.DLL, KERNEL32.dll, ADVAPI32.DLL, RPCRT4.DLL, GDI32.dll, USER32.DLL, SPOOLSS.DLL, WS2_32.DLL, WS2HELP.DLL, DNSAPI.DLL, WSOCK32.DLL, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, SAMLIB.DLL, NETAPI32.DLL, SECUR32.DLL, NETRAP.DLL, WLDAP32.DLL, OLE32.DLL, OLEAUT32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, USERENV.DLL, RASAPI32.DLL, RASMAN.DLL, TAPI32.DLL, COMCTL32.DLL, SHLWAPI.DLL, DHCPCSVC.DLL, CLBCATQ.DLL, rasadhlp.dll, localspl.dll, VERSION.DLL, LZ32.DLL, SFC.DLL, sfcfiles.dll, winspool.drv, cnbjmon.dll, pjlmon.dll, tcpmon.dll, usbmon.dll, rnr20.dll, winrnr.dll, inetpp.dll, win32spl.dll

Process: svchost.exe
Process Info	PID: 488 Priority: Normal Modules: 60 File Version: 5.00.2134.1 Path: C:\WINNT\System32\svchost.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Generic Host Process for Win32 Services
Modules List	svchost.exe, ntdll.dll, ADVAPI32.DLL, KERNEL32.DLL, RPCRT4.DLL, OLE32.DLL, GDI32.DLL, USER32.DLL, es.dll, TXFAUX.DLL, MSVCRT.dll, OLEAUT32.DLL, ntmssvc.dll, CLBCATQ.DLL, sens.dll, COMCTL32.dll, WS2_32.dll, WS2HELP.DLL, tapisrv.dll, secur32.dll, rasmans.dll, rtutils.dll, CRYPT32.dll, MSASN1.DLL, netcfgx.dll, DNSAPI.dll, WSOCK32.DLL, RASAPI32.dll, RASMAN.DLL, TAPI32.DLL, SHLWAPI.DLL, RASDLG.dll, MPRAPI.dll, SAMLIB.DLL, NETAPI32.DLL, NETRAP.DLL, WLDAP32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, SETUPAPI.DLL, USERENV.DLL, NTMARTA.DLL, WINSPOOL.DRV, NTDSAPI.dll, iphlpapi.dll, ICMP.DLL, DHCPCSVC.DLL, netman.dll, NETSHELL.dll, SHELL32.DLL, WMI.dll, COMSVCS.DLL, MSDTCPRX.dll, MTXCLU.DLL, VERSION.dll, LZ32.DLL, CLUSAPI.DLL, RESUTILS.DLL, ATL.DLL, NTMSDBA.dll

Process: regsvc.exe
Process Info	PID: 528 Priority: Normal Modules: 6 File Version: 5.00.2195.2104 Path: C:\WINNT\system32\regsvc.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Remote Registry Service
Modules List	regsvc.exe, ntdll.dll, ADVAPI32.dll, KERNEL32.DLL, RPCRT4.DLL, secur32.dll

Process: MSTask.exe
Process Info	PID: 544 Priority: Normal Modules: 43 File Version: 4.71.2195.1 Path: C:\WINNT\system32\MSTask.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1997 Description: Task Scheduler Engine
Modules List	MSTask.exe, ntdll.dll, MSVCRT.dll, KERNEL32.dll, ADVAPI32.dll, RPCRT4.DLL, GDI32.dll, USER32.DLL, NETAPI32.dll, SECUR32.DLL, NETRAP.DLL, SAMLIB.DLL, WS2_32.DLL, WS2HELP.DLL, WLDAP32.DLL, DNSAPI.DLL, WSOCK32.DLL, NTDSAPI.dll, SHLWAPI.dll, SHELL32.dll, COMCTL32.DLL, USERENV.dll, mswsock.dll, msafd.dll, wshtcpip.dll, rnr20.dll, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, OLE32.DLL, OLEAUT32.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, RASAPI32.DLL, RASMAN.DLL, TAPI32.DLL, DHCPCSVC.DLL, CLBCATQ.DLL, winrnr.dll, rasadhlp.dll, MSIDLE.DLL

Process: WinMgmt.exe
Process Info	PID: 616 Priority: Normal Modules: 12 File Version: 1.50.1085.0029 Path: C:\WINNT\System32\WBEM\WinMgmt.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1995-1999 Description: Windows Management Instrumentation
Modules List	WinMgmt.exe, ntdll.dll, wbemcomn.dll, USER32.dll, KERNEL32.DLL, GDI32.DLL, MSVCRT.dll, ADVAPI32.dll, RPCRT4.DLL, OLEAUT32.dll, ole32.dll, CLBCATQ.DLL

Process: Explorer.EXE
Process Info	PID: 904 Priority: Normal Modules: 96 File Version: 5.00.3315.2846 Path: C:\WINNT\Explorer.EXE Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1981-1999 Description: Windows Explorer
Modules List	Explorer.EXE, ntdll.dll, ADVAPI32.DLL, KERNEL32.DLL, RPCRT4.DLL, GDI32.DLL, USER32.DLL, SHLWAPI.DLL, COMCTL32.DLL, shim.dll, version.dll, LZ32.DLL, _W2KPLYR.DLL, SHELL32.dll, OLE32.DLL, CLBCATQ.DLL, OLEAUT32.dll, MSVCRT.dll, cscui.dll, CSCDLL.DLL, SHDOCVW.DLL, browseui.dll, USERENV.DLL, mydocs.dll, MPR.DLL, ntshrui.dll, ATL.DLL, NETAPI32.DLL, SECUR32.DLL, NETRAP.DLL, SAMLIB.DLL, WS2_32.DLL, WS2HELP.DLL, WLDAP32.DLL, DNSAPI.DLL, WSOCK32.DLL, ntlanman.dll, NETUI0.DLL, NETUI1.DLL, NETSHELL.dll, webcheck.dll, stobject.dll, BATMETER.DLL, SETUPAPI.DLL, POWRPROF.DLL, WINMM.DLL, MSI.DLL, wdmaud.drv, msacm32.drv, MSACM32.dll, WININET.DLL, TAPI32.dll, INDICDLL.dll, IMM32.dll, LINKINFO.DLL, browselc.dll, URLMON.DLL, mlang.dll, mshtml.dll, shdoclc.dll, jscript.dll, webvw.dll, MSLS31.DLL, mshtmled.dll, msadp32.acm, docprop2.dll, MSVFW32.DLL, AVIFIL32.DLL, faxshell.dll, thumbvw.dll, USP10.DLL, SHFOLDER.DLL, WZSHLSTB.DLL, MSONSEXT.DLL, CRYPT32.dll, MSASN1.DLL, WINTRUST.dll, IMAGEHLP.dll, actxprxy.dll, RASAPI32.DLL, RASMAN.DLL, RTUTILS.DLL, sensapi.dll, WZSHLEX1.dll, WZCAB3.DLL, CfgMgr32.dll, dsquery.dll, comdlg32.dll, dsuiext.dll, NTDSAPI.dll, ACTIVEDS.dll, ADSLDPC.DLL, WINSPOOL.DRV, msxml.dll, mstask.dll, query.dll

Process: atiptaxx.exe
Process Info	PID: 952 Priority: Normal Modules: 21 File Version: 6.13.2519 Path: C:\WINNT\System32\atiptaxx.exe Company: ATI Technologies, Inc. Copyright: Copyright (C) 1998-2001 ATI Technologies Inc. Description: ATI Desktop Control Panel
Modules List	atiptaxx.exe, ntdll.dll, RPCRT4.dll, KERNEL32.DLL, ADVAPI32.DLL, USER32.dll, GDI32.DLL, SHELL32.dll, SHLWAPI.DLL, COMCTL32.DLL, VERSION.dll, LZ32.DLL, ole32.dll, ATRPUIXX.RUS, CLBCATQ.DLL, OLEAUT32.dll, MSVCRT.dll, atipdsxx.dll, cfgmgr32.dll, setupapi.dll, USERENV.DLL

Process: Promon.exe
Process Info	PID: 964 Priority: Normal Modules: 10 File Version: 1.11 Path: C:\WINNT\System32\Promon.exe Company: Intel Corporation Copyright: Copyright (C) 1998-2000 Intel Corporation. All Rights Reserved. Description: Intel(R) PROSet Tray Icon
Modules List	Promon.exe, ntdll.dll, KERNEL32.dll, USER32.dll, GDI32.DLL, ADVAPI32.dll, RPCRT4.DLL, SHELL32.dll, SHLWAPI.DLL, COMCTL32.DLL

Process: internat.exe
Process Info	PID: 988 Priority: Normal Modules: 15 File Version: 5.00.2920.0000 Path: C:\WINNT\System32\internat.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1994-1999 Description: Keyboard Language Indicator Applet
Modules List	internat.exe, ntdll.dll, KERNEL32.dll, USER32.dll, GDI32.DLL, COMCTL32.dll, ADVAPI32.dll, RPCRT4.DLL, IMM32.dll, SETUPAPI.dll, MSVCRT.DLL, USERENV.DLL, SHELL32.dll, SHLWAPI.DLL, INDICDLL.dll

Process: msimn.exe
Process Info	PID: 652 Priority: Normal Modules: 72 File Version: 5.50.4522.1200 Path: C:\Program Files\Outlook Express\msimn.exe Company: Microsoft Corporation Copyright: Copyright (C) Microsoft Corp. 1995-2000 Description: Outlook Express
Modules List	msimn.exe, ntdll.dll, ADVAPI32.dll, KERNEL32.DLL, RPCRT4.DLL, USER32.dll, GDI32.DLL, SHLWAPI.dll, MSOE.DLL, MSOERT2.dll, ole32.dll, COMCTL32.dll, OLEAUT32.dll, MSOEACCT.dll, INETCOMM.dll, acctres.dll, inetres.dll, msoeres.dll, INDICDLL.dll, IMM32.dll, SHDOCVW.DLL, MSVCRT.dll, SHELL32.dll, WININET.DLL, TAPI32.dll, CLBCATQ.DLL, msident.dll, VERSION.dll, LZ32.DLL, msidntld.dll, PSTOREC.DLL, ATL.DLL, directdb.dll, shdoclc.dll, mlang.dll, browseui.dll, wab32.dll, wab32res.dll, RASAPI32.DLL, RASMAN.DLL, WS2_32.DLL, WS2HELP.DLL, RTUTILS.DLL, sensapi.dll, USERENV.DLL, netapi32.dll, SECUR32.DLL, NETRAP.DLL, SAMLIB.DLL, WLDAP32.DLL, DNSAPI.DLL, WSOCK32.DLL, mshtml.dll, URLMON.DLL, rnr20.dll, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, SETUPAPI.DLL, DHCPCSVC.DLL, winrnr.dll, rasadhlp.dll, msafd.dll, wshtcpip.dll, MSLS31.DLL, mshtmled.dll, winmm.dll, wdmaud.drv, msacm32.drv, MSACM32.dll

Process: AAtools.exe
Process Info	PID: 912 Priority: Normal Modules: 69 File Version: 5.0.0.837 Path: D:\Project\AATools50\AAtools.exe Company: G-Lock Software Copyright: Copyright (C) G-Lock Software 1999-2002 Description: Advanced Administrative Tools
Modules List	AAtools.exe, ntdll.dll, kernel32.dll, user32.dll, GDI32.DLL, advapi32.dll, RPCRT4.DLL, oleaut32.dll, ole32.dll, mpr.dll, version.dll, LZ32.DLL, comctl32.dll, imm32.dll, winspool.drv, shell32.dll, SHLWAPI.DLL, wininet.dll, TAPI32.dll, MSVCRT.DLL, comdlg32.dll, wsock32.dll, WS2_32.DLL, WS2HELP.DLL, winmm.dll, hhctrl.ocx, urlmon.dll, iphlpapi.dll, ICMP.DLL, MPRAPI.DLL, SAMLIB.DLL, NETAPI32.DLL, SECUR32.DLL, NETRAP.DLL, WLDAP32.DLL, DNSAPI.DLL, ACTIVEDS.DLL, ADSLDPC.DLL, RTUTILS.DLL, SETUPAPI.DLL, USERENV.DLL, RASAPI32.DLL, RASMAN.DLL, DHCPCSVC.DLL, INDICDLL.dll, CLBCATQ.DLL, cscui.dll, CSCDLL.DLL, psapi.dll, IMAGEHLP.dll, rnr20.dll, winrnr.dll, rasadhlp.dll, wdmaud.drv, dao360.dll, msado15.dll, MSDART32.DLL, ntshrui.dll, ATL.DLL, browseui.dll, SHDOCVW.dll, mydocs.dll, ntlanman.dll, NETUI0.DLL, NETUI1.DLL, aports.dll, msafd.dll, wshtcpip.dll, MSI.DLL

Drivers
Driver	ID	Path
ntoskrnl.exe	$80400000	\WINNT\System32\ntoskrnl.exe
hal.dll	$80062000	\WINNT\System32\hal.dll
BOOTVID.DLL	$ED410000	\WINNT\System32\BOOTVID.DLL
ACPI.sys	$BFFD8000	ACPI.sys
WMILIB.SYS	$ED5C8000	\WINNT\System32\DRIVERS\WMILIB.SYS
pci.sys	$ED000000	pci.sys
isapnp.sys	$ED010000	isapnp.sys
pciide.sys	$ED5C9000	pciide.sys
PCIIDEX.SYS	$ED280000	\WINNT\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys	$ED288000	MountMgr.sys
ftdisk.sys	$BFFBB000	ftdisk.sys
Diskperf.sys	$ED500000	Diskperf.sys
dmload.sys	$ED502000	dmload.sys
dmio.sys	$BFF99000	dmio.sys
PartMgr.sys	$ED414000	PartMgr.sys
atapi.sys	$BFF84000	atapi.sys
disk.sys	$ED290000	disk.sys
CLASSPNP.SYS	$ED020000	\WINNT\System32\DRIVERS\CLASSPNP.SYS
Fastfat.sys	$BFF61000	Fastfat.sys
KSecDD.sys	$BFF50000	KSecDD.sys
NDIS.sys	$BFF28000	NDIS.sys
ohci1394.sys	$ED030000	ohci1394.sys
1394BUS.SYS	$ED040000	\WINNT\System32\DRIVERS\1394BUS.SYS
Mup.sys	$BFF12000	Mup.sys
agp440.sys	$ED298000	agp440.sys
VIDEOPRT.SYS	$ED070000	\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
ati2mtaa.sys	$BFEAA000	\SystemRoot\System32\DRIVERS\ati2mtaa.sys
e100bnt5.sys	$BFE94000	\SystemRoot\System32\DRIVERS\e100bnt5.sys
i8042prt.sys	$ED080000	\SystemRoot\System32\DRIVERS\i8042prt.sys
mouclass.sys	$ED2C8000	\SystemRoot\System32\DRIVERS\mouclass.sys
kbdclass.sys	$ED2D8000	\SystemRoot\System32\DRIVERS\kbdclass.sys
cdrom.sys	$ED2E8000	\SystemRoot\System32\DRIVERS\cdrom.sys
USBD.SYS	$ED308000	\SystemRoot\System32\DRIVERS\USBD.SYS
uhcd.sys	$ED2F8000	\SystemRoot\System32\DRIVERS\uhcd.sys
KS.SYS	$BFE53000	\SystemRoot\system32\drivers\KS.SYS
portcls.sys	$BFE6F000	\SystemRoot\system32\drivers\portcls.sys
ichaud.sys	$ED318000	\SystemRoot\system32\drivers\ichaud.sys
fdc.sys	$ED330000	\SystemRoot\System32\DRIVERS\fdc.sys
serial.sys	$ED090000	\SystemRoot\System32\DRIVERS\serial.sys
serenum.sys	$ED484000	\SystemRoot\System32\DRIVERS\serenum.sys
parport.sys	$ED348000	\SystemRoot\System32\DRIVERS\parport.sys
gameenum.sys	$ED48C000	\SystemRoot\System32\DRIVERS\gameenum.sys
audstub.sys	$ED5D3000	\SystemRoot\System32\DRIVERS\audstub.sys
rasl2tp.sys	$ED0A0000	\SystemRoot\System32\DRIVERS\rasl2tp.sys
ndistapi.sys	$ED494000	\SystemRoot\System32\DRIVERS\ndistapi.sys
ndiswan.sys	$BFE3D000	\SystemRoot\System32\DRIVERS\ndiswan.sys
TDI.SYS	$ED4A4000	\SystemRoot\System32\DRIVERS\TDI.SYS
raspptp.sys	$ED0B0000	\SystemRoot\System32\DRIVERS\raspptp.sys
ptilink.sys	$ED368000	\SystemRoot\System32\DRIVERS\ptilink.sys
raspti.sys	$ED378000	\SystemRoot\System32\DRIVERS\raspti.sys
parallel.sys	$ED0C0000	\SystemRoot\System32\DRIVERS\parallel.sys
swenum.sys	$ED5D4000	\SystemRoot\System32\DRIVERS\swenum.sys
update.sys	$BFE1E000	\SystemRoot\System32\DRIVERS\update.sys
usbhub.sys	$ED0E0000	\SystemRoot\System32\DRIVERS\usbhub.sys
flpydisk.sys	$ED3A0000	\SystemRoot\System32\DRIVERS\flpydisk.sys
NDProxy.SYS	$ED100000	\SystemRoot\System32\Drivers\NDProxy.SYS
Fs_Rec.SYS	$ED50A000	\SystemRoot\System32\Drivers\Fs_Rec.SYS
Null.SYS	$ED5D7000	\SystemRoot\System32\Drivers\Null.SYS
Beep.SYS	$ED5D8000	\SystemRoot\System32\Drivers\Beep.SYS
vga.sys	$ED4C4000	\SystemRoot\System32\drivers\vga.sys
mnmdd.SYS	$ED5D9000	\SystemRoot\System32\Drivers\mnmdd.SYS
Msfs.SYS	$ED3C0000	\SystemRoot\System32\Drivers\Msfs.SYS
Npfs.SYS	$ED110000	\SystemRoot\System32\Drivers\Npfs.SYS
rasacd.sys	$ED512000	\SystemRoot\System32\DRIVERS\rasacd.sys
tcpip.sys	$BCC67000	\SystemRoot\System32\DRIVERS\tcpip.sys
msgpc.sys	$ED120000	\SystemRoot\System32\DRIVERS\msgpc.sys
wanarp.sys	$ED3E0000	\SystemRoot\System32\DRIVERS\wanarp.sys
netbt.sys	$BCC43000	\SystemRoot\System32\DRIVERS\netbt.sys
netbios.sys	$ED130000	\SystemRoot\System32\DRIVERS\netbios.sys
rdbss.sys	$BCB81000	\SystemRoot\System32\DRIVERS\rdbss.sys
mrxsmb.sys	$BCB11000	\SystemRoot\System32\DRIVERS\mrxsmb.sys
Ntfs.SYS	$BCA66000	\SystemRoot\System32\Drivers\Ntfs.SYS
EFS.SYS	$ED3F8000	\SystemRoot\System32\Drivers\EFS.SYS
dump_WMILIB.SYS	$ED5DA000	\SystemRoot\System32\Drivers\dump_WMILIB.SYS
dump_atapi.sys	$BCA51000	\SystemRoot\System32\Drivers\dump_atapi.sys
win32k.sys	$A0000000	\??\C:\WINNT\system32\win32k.sys
ati2dvaa.dll	$BAA08000	\SystemRoot\System32\ati2dvaa.dll
nbf.sys	$BA977000	\SystemRoot\System32\DRIVERS\nbf.sys
afd.sys	$BA959000	\SystemRoot\System32\drivers\afd.sys
wdmaud.sys	$BA856000	\SystemRoot\system32\drivers\wdmaud.sys
sysaudio.sys	$BCC13000	\SystemRoot\system32\drivers\sysaudio.sys
ParVdm.SYS	$ED532000	\SystemRoot\System32\Drivers\ParVdm.SYS
Fips.SYS	$ED150000	\SystemRoot\System32\Drivers\Fips.SYS
srv.sys	$BA6B7000	\SystemRoot\System32\DRIVERS\srv.sys
Cdfs.SYS	$ED270000	\SystemRoot\System32\Drivers\Cdfs.SYS
ipsec.sys	$ED140000	\SystemRoot\System32\DRIVERS\ipsec.sys
kmixer.sys	$BA175000	\SystemRoot\system32\drivers\kmixer.sys
ntdll.dll	$77F80000	\WINNT\System32\ntdll.dll
ntoskrnl.exe	$80400000	\WINNT\System32\ntoskrnl.exe
hal.dll	$80062000	\WINNT\System32\hal.dll
BOOTVID.DLL	$ED410000	\WINNT\System32\BOOTVID.DLL
ACPI.sys	$BFFD8000	ACPI.sys
WMILIB.SYS	$ED5C8000	\WINNT\System32\DRIVERS\WMILIB.SYS
pci.sys	$ED000000	pci.sys
isapnp.sys	$ED010000	isapnp.sys
pciide.sys	$ED5C9000	pciide.sys
PCIIDEX.SYS	$ED280000	\WINNT\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys	$ED288000	MountMgr.sys
ftdisk.sys	$BFFBB000	ftdisk.sys
Diskperf.sys	$ED500000	Diskperf.sys
dmload.sys	$ED502000	dmload.sys
dmio.sys	$BFF99000	dmio.sys
PartMgr.sys	$ED414000	PartMgr.sys
atapi.sys	$BFF84000	atapi.sys
disk.sys	$ED290000	disk.sys
CLASSPNP.SYS	$ED020000	\WINNT\System32\DRIVERS\CLASSPNP.SYS
Fastfat.sys	$BFF61000	Fastfat.sys
KSecDD.sys	$BFF50000	KSecDD.sys
NDIS.sys	$BFF28000	NDIS.sys
ohci1394.sys	$ED030000	ohci1394.sys
1394BUS.SYS	$ED040000	\WINNT\System32\DRIVERS\1394BUS.SYS
Mup.sys	$BFF12000	Mup.sys
agp440.sys	$ED298000	agp440.sys
VIDEOPRT.SYS	$ED070000	\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
ati2mtaa.sys	$BFEAA000	\SystemRoot\System32\DRIVERS\ati2mtaa.sys
e100bnt5.sys	$BFE94000	\SystemRoot\System32\DRIVERS\e100bnt5.sys
i8042prt.sys	$ED080000	\SystemRoot\System32\DRIVERS\i8042prt.sys
mouclass.sys	$ED2C8000	\SystemRoot\System32\DRIVERS\mouclass.sys
kbdclass.sys	$ED2D8000	\SystemRoot\System32\DRIVERS\kbdclass.sys
cdrom.sys	$ED2E8000	\SystemRoot\System32\DRIVERS\cdrom.sys
USBD.SYS	$ED308000	\SystemRoot\System32\DRIVERS\USBD.SYS
uhcd.sys	$ED2F8000	\SystemRoot\System32\DRIVERS\uhcd.sys
KS.SYS	$BFE53000	\SystemRoot\system32\drivers\KS.SYS
portcls.sys	$BFE6F000	\SystemRoot\system32\drivers\portcls.sys
ichaud.sys	$ED318000	\SystemRoot\system32\drivers\ichaud.sys
fdc.sys	$ED330000	\SystemRoot\System32\DRIVERS\fdc.sys
serial.sys	$ED090000	\SystemRoot\System32\DRIVERS\serial.sys
serenum.sys	$ED484000	\SystemRoot\System32\DRIVERS\serenum.sys
parport.sys	$ED348000	\SystemRoot\System32\DRIVERS\parport.sys
gameenum.sys	$ED48C000	\SystemRoot\System32\DRIVERS\gameenum.sys
audstub.sys	$ED5D3000	\SystemRoot\System32\DRIVERS\audstub.sys
rasl2tp.sys	$ED0A0000	\SystemRoot\System32\DRIVERS\rasl2tp.sys
ndistapi.sys	$ED494000	\SystemRoot\System32\DRIVERS\ndistapi.sys
ndiswan.sys	$BFE3D000	\SystemRoot\System32\DRIVERS\ndiswan.sys
TDI.SYS	$ED4A4000	\SystemRoot\System32\DRIVERS\TDI.SYS
raspptp.sys	$ED0B0000	\SystemRoot\System32\DRIVERS\raspptp.sys
ptilink.sys	$ED368000	\SystemRoot\System32\DRIVERS\ptilink.sys
raspti.sys	$ED378000	\SystemRoot\System32\DRIVERS\raspti.sys
parallel.sys	$ED0C0000	\SystemRoot\System32\DRIVERS\parallel.sys
swenum.sys	$ED5D4000	\SystemRoot\System32\DRIVERS\swenum.sys
update.sys	$BFE1E000	\SystemRoot\System32\DRIVERS\update.sys
usbhub.sys	$ED0E0000	\SystemRoot\System32\DRIVERS\usbhub.sys
flpydisk.sys	$ED3A0000	\SystemRoot\System32\DRIVERS\flpydisk.sys
NDProxy.SYS	$ED100000	\SystemRoot\System32\Drivers\NDProxy.SYS
Fs_Rec.SYS	$ED50A000	\SystemRoot\System32\Drivers\Fs_Rec.SYS
Null.SYS	$ED5D7000	\SystemRoot\System32\Drivers\Null.SYS
Beep.SYS	$ED5D8000	\SystemRoot\System32\Drivers\Beep.SYS
vga.sys	$ED4C4000	\SystemRoot\System32\drivers\vga.sys
mnmdd.SYS	$ED5D9000	\SystemRoot\System32\Drivers\mnmdd.SYS
Msfs.SYS	$ED3C0000	\SystemRoot\System32\Drivers\Msfs.SYS
Npfs.SYS	$ED110000	\SystemRoot\System32\Drivers\Npfs.SYS
rasacd.sys	$ED512000	\SystemRoot\System32\DRIVERS\rasacd.sys
tcpip.sys	$BCC67000	\SystemRoot\System32\DRIVERS\tcpip.sys
msgpc.sys	$ED120000	\SystemRoot\System32\DRIVERS\msgpc.sys
wanarp.sys	$ED3E0000	\SystemRoot\System32\DRIVERS\wanarp.sys
netbt.sys	$BCC43000	\SystemRoot\System32\DRIVERS\netbt.sys
netbios.sys	$ED130000	\SystemRoot\System32\DRIVERS\netbios.sys
rdbss.sys	$BCB81000	\SystemRoot\System32\DRIVERS\rdbss.sys
mrxsmb.sys	$BCB11000	\SystemRoot\System32\DRIVERS\mrxsmb.sys
Ntfs.SYS	$BCA66000	\SystemRoot\System32\Drivers\Ntfs.SYS
EFS.SYS	$ED3F8000	\SystemRoot\System32\Drivers\EFS.SYS
dump_WMILIB.SYS	$ED5DA000	\SystemRoot\System32\Drivers\dump_WMILIB.SYS
dump_atapi.sys	$BCA51000	\SystemRoot\System32\Drivers\dump_atapi.sys
win32k.sys	$A0000000	\??\C:\WINNT\system32\win32k.sys
ati2dvaa.dll	$BAA08000	\SystemRoot\System32\ati2dvaa.dll
nbf.sys	$BA977000	\SystemRoot\System32\DRIVERS\nbf.sys
afd.sys	$BA959000	\SystemRoot\System32\drivers\afd.sys
wdmaud.sys	$BA856000	\SystemRoot\system32\drivers\wdmaud.sys
sysaudio.sys	$BCC13000	\SystemRoot\system32\drivers\sysaudio.sys
ParVdm.SYS	$ED532000	\SystemRoot\System32\Drivers\ParVdm.SYS
Fips.SYS	$ED150000	\SystemRoot\System32\Drivers\Fips.SYS
srv.sys	$BA6B7000	\SystemRoot\System32\DRIVERS\srv.sys
Cdfs.SYS	$ED270000	\SystemRoot\System32\Drivers\Cdfs.SYS
ipsec.sys	$ED140000	\SystemRoot\System32\DRIVERS\ipsec.sys
kmixer.sys	$BA0B1000	\SystemRoot\system32\drivers\kmixer.sys
ntdll.dll	$77F80000	\WINNT\System32\ntdll.dll
ntoskrnl.exe	$80400000	\WINNT\System32\ntoskrnl.exe
hal.dll	$80062000	\WINNT\System32\hal.dll
BOOTVID.DLL	$ED410000	\WINNT\System32\BOOTVID.DLL
ACPI.sys	$BFFD8000	ACPI.sys
WMILIB.SYS	$ED5C8000	\WINNT\System32\DRIVERS\WMILIB.SYS
pci.sys	$ED000000	pci.sys
isapnp.sys	$ED010000	isapnp.sys
pciide.sys	$ED5C9000	pciide.sys
PCIIDEX.SYS	$ED280000	\WINNT\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys	$ED288000	MountMgr.sys
ftdisk.sys	$BFFBB000	ftdisk.sys
Diskperf.sys	$ED500000	Diskperf.sys
dmload.sys	$ED502000	dmload.sys
dmio.sys	$BFF99000	dmio.sys
PartMgr.sys	$ED414000	PartMgr.sys
atapi.sys	$BFF84000	atapi.sys
disk.sys	$ED290000	disk.sys
CLASSPNP.SYS	$ED020000	\WINNT\System32\DRIVERS\CLASSPNP.SYS
Fastfat.sys	$BFF61000	Fastfat.sys
KSecDD.sys	$BFF50000	KSecDD.sys
NDIS.sys	$BFF28000	NDIS.sys
ohci1394.sys	$ED030000	ohci1394.sys
1394BUS.SYS	$ED040000	\WINNT\System32\DRIVERS\1394BUS.SYS
Mup.sys	$BFF12000	Mup.sys
agp440.sys	$ED298000	agp440.sys
VIDEOPRT.SYS	$ED070000	\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
ati2mtaa.sys	$BFEAA000	\SystemRoot\System32\DRIVERS\ati2mtaa.sys
e100bnt5.sys	$BFE94000	\SystemRoot\System32\DRIVERS\e100bnt5.sys
i8042prt.sys	$ED080000	\SystemRoot\System32\DRIVERS\i8042prt.sys
mouclass.sys	$ED2C8000	\SystemRoot\System32\DRIVERS\mouclass.sys
kbdclass.sys	$ED2D8000	\SystemRoot\System32\DRIVERS\kbdclass.sys
cdrom.sys	$ED2E8000	\SystemRoot\System32\DRIVERS\cdrom.sys
USBD.SYS	$ED308000	\SystemRoot\System32\DRIVERS\USBD.SYS
uhcd.sys	$ED2F8000	\SystemRoot\System32\DRIVERS\uhcd.sys
KS.SYS	$BFE53000	\SystemRoot\system32\drivers\KS.SYS
portcls.sys	$BFE6F000	\SystemRoot\system32\drivers\portcls.sys
ichaud.sys	$ED318000	\SystemRoot\system32\drivers\ichaud.sys
fdc.sys	$ED330000	\SystemRoot\System32\DRIVERS\fdc.sys
serial.sys	$ED090000	\SystemRoot\System32\DRIVERS\serial.sys
serenum.sys	$ED484000	\SystemRoot\System32\DRIVERS\serenum.sys
parport.sys	$ED348000	\SystemRoot\System32\DRIVERS\parport.sys
gameenum.sys	$ED48C000	\SystemRoot\System32\DRIVERS\gameenum.sys
audstub.sys	$ED5D3000	\SystemRoot\System32\DRIVERS\audstub.sys
rasl2tp.sys	$ED0A0000	\SystemRoot\System32\DRIVERS\rasl2tp.sys
ndistapi.sys	$ED494000	\SystemRoot\System32\DRIVERS\ndistapi.sys
ndiswan.sys	$BFE3D000	\SystemRoot\System32\DRIVERS\ndiswan.sys
TDI.SYS	$ED4A4000	\SystemRoot\System32\DRIVERS\TDI.SYS
raspptp.sys	$ED0B0000	\SystemRoot\System32\DRIVERS\raspptp.sys
ptilink.sys	$ED368000	\SystemRoot\System32\DRIVERS\ptilink.sys
raspti.sys	$ED378000	\SystemRoot\System32\DRIVERS\raspti.sys
parallel.sys	$ED0C0000	\SystemRoot\System32\DRIVERS\parallel.sys